.htaccess And Blocking By IP As Well As User Agent
Jan 13, 2007
I'm trying to deny from the block of "192.168.1" without much success. Could someone around here divulge the error of my ways?
Here is the exact code I have in my .htaccess file:
Code:
AuthName "Test"
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from 192.168.1.
</Limit>
View 13 Replies
ADVERTISEMENT
Aug 7, 2008
There's a bot that's taken to trolling my site. I'd like to block it.
1) Is there a relatively straightforward way through cPanel that I can do this?
2) Failing that, via adding some code to a page on my site (I've seen some code when googling on the 'net, but I'm new to this, and don't even know where such code belongs. As far as I can tell, depending on the bot, sometimes severe measures may need to be taken. However, from my limited reading, it seems that appropriate editing of .htaccess might do it.)
View 6 Replies
View Related
Nov 25, 2008
I have a SSG-320M I manage, and would like to know if I can block traffic to our web servers based on the user agent hitting us? I know user agents that keep using more and more IP addresses to crawl us, one already taking up some 30 or 40 addresses under my policies and its a pain to identify these by hand and keep updating the firewall every few days to add new IP addresses for them. Is there somewhere I can add part of the user agent I do not want to ever see again? Right now I do this by having a policy at the top saying "BadBotsGroup" is denied. But I want to deny anyone with a user agent "OneUserAgent" or "SecondUserAgent"
It seems so important and simple, but I do not see anything about being able to do this. Thanks for help and pointers. Right now we have special code at the top of our sites that blocks these bots, but I would much rather do it in one location at the firewall.
View 3 Replies
View Related
Dec 17, 2008
how can i block this user agent through mod_rewrite
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
and is this agent will affect all the IE 6 users ?
and whats is the difference between the one above and this one :
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)?
View 7 Replies
View Related
Jan 27, 2014
I have a rewrite for mobile clients :
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} "android|blackberry|iphone|ipad|nokia" [NC]
RewriteRule ^$ https://www.myudomain.com/Mobile [L,R=302]
My mobile site is HTML5 written and old phones doesn't support it. How to exclude f.x. old nokias - like 6220 and rewrite old phones to /Mobile_old?
View 1 Replies
View Related
Jul 5, 2007
I'm tired of india people hitting our website (because it is a top hit on google and the others) then calling the next day to bug me to use them for outsourcing.
I am going to block some IP blocks in my .htaccess file to prevent this.
I can see from my statcounter logs that the hits from india so far have come from 59.* 102.* and 203.* (as in 59.###.###.###).
Is there a place I can lookup to find out if I block those, will I will also be blocking some north america IPs (since I'm using such a broad wildcard)?
All our paying business comes from north america.
my htaccess file will look like this:
Code:
# prevents a directory listing when typing in the directory path in the browser
Options -Indexes
#
# My effort to keep india sites from seeing our website
order allow,deny
deny from 203.
deny from 59.
allow from all
View 7 Replies
View Related
Apr 23, 2015
I am having a problem with blocking bots using .htaccess. I think I tried all possible syntax variants, yet all the bots that I am blocking get HTTP 200 response instead of 403 (I can verify it using access log).
I am using Apache 2.4 running on Ubuntu 14.04.2 with Plesk 12.0.18.
My AllowOverride is set to allow the use of .htaccess files, so .htaccess file gets loaded: when I make an error in .htaccess sysntax I can see the error in the error log and the webpages don't load. Besides, I have some "Deny from [IP address]" directives in the .htaccess and I see that these IPs get HTTP 403 response when access my site.
I spent hours trying different variants of .htaccess syntax (see below) and neither seems to work...
variant 0:
SetEnvIfNoCase User-Agent LivelapBot bad_bot
SetEnvIfNoCase User-Agent TurnitinBot bad_bot
Order allow,deny
Allow from all
Deny from env=bad_bot
[Code] ....
View 7 Replies
View Related
Nov 26, 2008
I would like to dissable from executing perl scripts on user accounts.
For example,now user can upload perl script for example with name script.pl:
Code:
#!/usr/bin/perl -w
print "Hello World!";
I would like to block it via mod_security - I don't want to allow running perl scripts with .pl extension at all. Is it possible for Apache 1.x?
View 1 Replies
View Related
May 10, 2009
i recently got multiple logs regarding this weird browser user agent,
Browser Agent:
XXX<? echo "w0000t"; ?>XXX
anyone have information regarding this?
View 3 Replies
View Related
Apr 6, 2009
My dedi host, was having all sorts of problems with simply just setting up a box, taking them roughly a week, and I'm still waiting for a resolution.
Anyhow,
Windows validation failed, I contacted them to open up a ticket, They wanted the password to root because I've changed the default password they gave me, so I gave them the password
(1)Should I not be doing this, or do you have to give them the password when they ask.
(2)Can this have been resolved without giving them password to root.
They said it'd be resolved in an hour, I emailed them back and they said they'll email me when it's done. But they've closed off the ticket.
(3)Issue hasn't been resolved, how's anyone going to be working on it if the ticket is closed? Shouldn't that ticket be left open till the issue is resolved?
Wow I'm so green behind the ears with all this stuff.
View 4 Replies
View Related
Oct 28, 2007
I've setup my ssh to login with keys and passphrase. I would like to do away with passphrases by using agent forwarding. Putty uses Pageant to store private keys, bu from all the tutorials I can find, it's a windows based feature (to add private keys). I've also tried to use ssh-add (a different agent), but it has trouble recognizing my private key passphrase (made with putty). I know the private key is working because I'm able to use use ssh without a password, just the phrase.
What's the best way to do this? Is there a putty pageant command line that I don't know about?
View 2 Replies
View Related
Dec 20, 2014
Plesk from plesk server Migration, I want to do
I get the following error.
Error: No Migration & Transfer Agent found. Data migration cannot be performed.
View 4 Replies
View Related
Aug 21, 2014
I'd like to upgrade my server from Ubuntu 12.04 to Ubuntu 14.04. The idea is to migrate my actual server (S1) to another one (S2). Then, format and install ubuntu 14.04 with Plesk on S1, and finally migrate the data from S2 to S1. Is it a good solution? Is it possible to do this using only one server? I don't know if I can do it making a backup, install Ubuntu 14.04 and then, restore the data into the server.
However, I have a problem with the migration agent. When I go the migration page, the migration agent tries to update itself and it keep at 0% forever (I attach an screenshot).
View 2 Replies
View Related
Jan 10, 2015
I got error, can`t access to panel:
ERROR: Service_Agent_Exception
Unable to read apache features from the service node: [Sat Jan 10 12:25:03.013856 2015] [so:warn] [pid 32541] AH01574: module actions_module is already loaded, skipping
[Sat Jan 10 12:25:03.014058 2015] [so:warn] [pid 32541] AH01574: module auth_digest_module is already loaded, skipping
[Sat Jan 10 12:25:03.014694 2015] [so:warn] [pid 32541] AH01574: module authz_user_module is already loaded, skipping
[Code] ....
View 2 Replies
View Related
May 7, 2007
I thought I knew enough about my .htaccess stuff to do this, but I can't seem to work it out. What I want to do is if a user visits domain.com/folder, we check to see if the folder exists. If so, show as normal (IE domain.com/support)
If a user visits domain.com/dynamicusername (dynamicusername is not a physical folder), redirect to dynamicusername.domain.com
View 3 Replies
View Related
Apr 5, 2007
I've had it with EV1. On any given day we get 30-50 BFD attacks from their servers. That doesn't include the dozens of other types of attempts per day our IPS/IDS catch. We've also traced back client servers that were hacked directly via EV1 servers.
It's obvious that EV1 does little or nothing to stop these issues. We spoke to the FBI about these issues and their comments lead me to believe that EV1 is one of the major sources of these issues and that EV1 has shown little or no effort to curb the problem or cooperate in stopping the issue.
We have elected to now block all all EV1 IPS.
Drastic measures, not really. If they won't take care of their own problems I no longer want them dumped at my door step. I think other hosts might want to think about this.
View 14 Replies
View Related
Apr 28, 2007
At the moment it will block people who login with the wrong username/password 5 times. it also blocks people if they do the wrong email settings.
Is there a way to turn the pop3/email blocking off?
View 3 Replies
View Related
Dec 3, 2006
I am hitting a limit on number of POP signons per hour imposed by my host. I host maybe 10 domains on this account and have 4 or 5 email addresses to monitor for each domain. If I check once every 15 minutes I run up against a limit on the number of POP3 signons permitted by my ip. Add this to having multiple mail clients behind a NAT router and I am beginning to have real problems.
Does anyone else have this issue? Is my only workaround to forward all email to a single account or install a local mail server? Does 100 POP signons an hour from a single IP sound like a lot to anyone? Any advice?
View 6 Replies
View Related
Jul 19, 2008
Let's say you want to protect againts hacking,and using method with simply blocking loading url.So let's say someone hacked your index.html and changed links to lead to his domain.com.Is it possible to block what would be loaded on site ?(to prevent possible future hacking intrusions)
View 6 Replies
View Related
Nov 28, 2008
I have 2 server one is Linux server+Cpanel+CSF firewall where my site is running and one is windows server where my exchange mail server is running .Now thing is that when anyone send mail through my web site (after filling contact form) to me it doesn't come to my email id but when i stop my firewall and then i check contact form and fill it the mail goes to my mail id.
I have php script with SMTP authentication.
which port is blocked in my firewall and after disabling firewall it work.how can i check when firewall is on that time why mails are not coming in my email id that time which port is blocked by firewall.
Allow Port in firewall:-- 25,80,20,21,465,443,110,143
View 10 Replies
View Related
Jul 5, 2007
seems one of my sites has been added to some mega "toplist" site thats bringing in fake traffic to my site which is basically like a DOS attack - over 1000 connections.
coming from
[url]
[url]
[url]
linking to a php file in one of my accounts which has since been removed. however still getting a heck of a lot of hits, they probably all see 404 messages which still causes load on my server.
any suggestions how to fix this? the traffic is referred from above urls but hundreds of ip addresses. is there anyway to blacklist the referrer so people are just blocked, period?
View 6 Replies
View Related
Oct 6, 2007
Running freebsd with pf, and was wondering if there's anything like www.fixingtheweb.info for pf instead of IP tables? Otherwise it'll be a long day
View 1 Replies
View Related
Apr 14, 2007
I had a few sites hacked today. I'm using phpbb (all updates) and, apparently, the only thing they did was to drop the database and replace it with one featuring a single post "advertising" their hacker group. I tried bringing everything back on-line, but they would just attack again and take it down quickly... I'm thinking it's probably just some script kiddies.
They announce themselves as "turkish hackers". Browsing around for their message, I found they attacked quite a few sites. What I was thinking, to help preventing this from happening again, is to ban all visitors from Turkey (none of these sites has a need for them, as they're aimed at a local audience).
Can I do this simply by using "deny from .tr" in htaccess? Or are there any more steps to be taken?
View 6 Replies
View Related
Nov 7, 2007
I have my server set up with the smtp daemon running on port 125, and assp listening on ports 25 and 26, and forwarding to port 125 if the mail passes. This setup has been working for months and months. Already today I've received several emails.
I just attempted to send an email, however, and thunderbird could not connect to port 26. (I use an alternate port because my ISP blocks port 25 except to their mail servers)
So I thought that assp had stopped running. Attempted to go to myip:55555, but the page would not load. Now I really thought assp was broken. SSH'd into server and was able to telnet to localhost, port 26 without an issue. Was also able to lynx [url] without an issue.
Since I'm able to log in to all of these weird ports via SSH but not from my local computer, I'm apt to think that they are blocking the ports (for some reason).
Is there any way I can test this theory? Nothing has changed on my side firewall-wise, and the poor girl at the ISP company didn't even know what a port was. I would like to be 100% sure before I give them another call demanding to speak to someone higher up...
View 5 Replies
View Related
Feb 10, 2007
how to ban our blocking IP Location in my server like country range?
and how can i know the IP's country range?
View 5 Replies
View Related
Jul 20, 2007
as per apf firewall issue
Jul 17 02:03:02 duck kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:01:02:c9:94:20:00:90:69:8a:f3:f0:08:00 SRC=192.168.1.43 DST=192.168.1.220 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=40428 DF PROTO=TCP SPT=37079 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0
i already added 192.168.1.43 ip in allow list.
tcp:in : d=3306 : s=192.168.1.43
d=3306 : s =192.168.1.43
tcp: out : d=3306 : s =192.168.1.43
# added 192.168.1.43 on 07/19/07 01:15:21
192.168.1.43
But ip is still blocking traffic while monitor mysql....
View 3 Replies
View Related
May 24, 2007
APF firewall is blocking IP's from the allowed range
I have this inserted in /etc/apf/allowed_hosts.rules and restarted APF of course
67.79.221.0/24
70.112.124.0/24
70.113.54.0/24
It still blocked this IP for example, 67.79.221.154
Anyone know why?
View 4 Replies
View Related
Jul 11, 2009
I have a virtuozzo VPS with CSF. People can't connect to ftp because the firewall is conflicting with iptables. I looked at the csf guide:
[url]
To correct it, the ftp issues states:
Quote:
For example, with pure-ftpd you could add the port range 30000:35000 to TCP_IN
and add the following line to /etc/pure-ftpd.conf and then restart pure-ftpd:
PassivePortRange30000 35000
Where is pure-ftpd.conf? Do I have to install it or something?
View 8 Replies
View Related
May 14, 2009
I have a client who needs to block IP range on a windows server. However, he is using Cloud hosting from Rackspace. I guess they are not being corporative in doing so. Anyway to do this without root? Perhaps from the control panel?
View 4 Replies
View Related